CVE-2020-12812

Published: 24/07/2020 Updated: 13/02/2024
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.

Vulnerable Product

fortinet fortios

fortinet fortios 6.4.0

Github Repositories

AttackerKB API Clojure client.

AttackerKB: This is a Clojure client for Rapid7's AttackerKB API, a crowdsourced knowledge base for vulnerability intelligence. Installation. Auth: Instructions on how to obtain an AttackerKB API key can be found here. Usage: attackerkb-clj provides an interface for the AttackerKB API and offers the option of building a full record for a vulnerability (a full record includes

Recent Articles

'Anomalous surge in DNS queries' knocked Microsoft's cloud off the web last week
The Register • Iain Thomson in San Francisco • 06 Apr 2021

Plus: Top universities hit by data-stealing extortionists

In Brief: It was a tsunami of DNS queries that ultimately took out a host of Microsoft services, from Xbox Live to Teams, for some netizens about an hour on April Fools' Day, Redmond has said. Or as the Windows giant put it, the outage was the result of "an anomalous surge in DNS queries from across the globe targeting a set of domains hosted on Azure." In a postmortem examination of the downtime, Microsoft said the flood of requests triggered a programming flaw in its infrastructure that hampere...

Hive ransomware crooks extort $100m from 1,300 global victims
The Register

FBI, CISA sound the alarm and detail IOCs

Hive ransomware criminals have hit more than 1,300 companies globally, extorting about $100 million from its victims over the last 18 months, according to the FBI. While Hive has only been around since June 2021, the ransomware-as-a-service operator has been extremely prolific in its relatively short existence, and taken an intense liking to critical infrastructure and hospitals, where locked IT systems can literally be a matter of life and death.  In April, the US Health and Human Services...